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This listing of claims replaces all prior versions, and 
listings of claims in the instant application: 

Listing of Claims; 

1. (Currently Amended) A method for controlling user 
access to distributed resources on a data communications 
network, the method comprising: 

receiving , by a resource server peer group, a 
resource request, said resource request including a rights 
key credential, said rights key credential comprising: 

at least one key to provide access to a resource 
on said data communications network; and 

a resource identifier, said resource identifier 
comprising a resource server peer group ID and a 
randomized user ID, said resource server peer group 
ID identifying asaid resource server peer group, said 
resource server peer group comprising at least one 
server that maintains a mapping between said 
randomized user ID and said at least one key, wherein 
said randomized user ID is associated with an 
identity of a user thereby protecting said identity; 
and 

providing access to said resource by said resource 
server peer group when uaing said at least one key matches 
an identifier in a set of identifiers associated with said 
resource . 
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2. (Currently Amended) A method for controlling user 
access to distributed resources on a data communications 
network, the method comprising: 

receiving , by a resource server peer group, a 
resource request, said resource request including a rights 
key credential, said rights key credential comprising: 
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at least one key, each of said at least one key 
providing access to at least one resource on said 
data communications network, each of said at least 
one resource stored on a separate secure device; and 

a resource identifier, said resource identifier 
comprising a resource server peer group ID and a 
randomized user ID, said resource server peer group 
ID identifying a said resource server peer group, said 
resource server peer group comprising at least one 
server that maintains a mapping between said 
randomized user ID and said at least one key, wherein 
said randomized user ID is associated with an 
identity of a user thereby protecting said identity; 
and 

providing access to said resource by said resource 
server peer group when uoing said at least one key matches 
an identifier in a set of identifiers associated with said 
resource . 



GUNNISON, McKAY & 

HODGSON, L.L.P. 
Garden West Office Plaza 
1900 Garden Road, Suite 220 
Monterey. CA 93940 

(831)655-0880 
Fax (831)655-0888 



3. (Currently Amended) A program storage device readable 
by a machine, embodying a program of instructions executable by 
the machine to perform a method for controlling user access to 
distributed resources on a data communications network, the 
method comprising: 

receiving , by a resource server peer group, a 
resource request, said resource request including a rights 
key credential, said rights key credential comprising: 

at least one key to provide access to a resource 
on said data communications network; and 

a resource identifier, said resource identifier 
comprising a resource server peer group ID and a 
randomized user ID, said resource server peer group 
ID identifying asaid resource server peer group, said 
resource server peer group comprising at least one 
server that maintains a mapping between said 



Page 3 of 8 



Appl. No. 10/014,893 

Amdt. dated December 14, 2006 

Reply to Advisory Action mailed October 31, 2006 



GUNNISON. McKAY & 

HODGSON. L.L.P. 
Garden West Office Piaza 
1900 Garden Road. Suite 220 
Monterey. CA 93940 

(83l) 655-OSSO 
Fax (831)655-0888 



randomized user ID and said at least one key, wherein 
said randomized user ID is associated with an 
identity of a user thereby protecting said identity; 
and 

providing access to said resource by said resource 
server peer group when uaing said at least one key matches 
an identifier in a set of identifiers associated with said 
resource. 

4. (Currently Amended) A program storage device readable 
by a machine, embodying a program of instructions executable by 
the machine to perform a method for controlling user access to 
distributed resources on a data communications network, the 
method comprising: 

receiving , by a resource server peer group, a 
resource request, said resource request including a rights 
key credential, said rights key credential comprising: 

at least one key, each of said at least one key 
providing access to at least one resource on said 
data communications network, each of said at least 
one resource stored on a separate secure device; and 
a resource identifier, said resource identifier 
comprising a resource server peer group ID and a 
randomized user ID, said resource server peer group 
ID identifying asaid resource server peer group, said 
resource server peer group comprising at least one 
server that maintains a mapping between said 
randomized user ID and said at least one key, wherein 
said randomized user ID is associated with an 
identity of a user thereby protecting said identity; 
and 

providing access to said resource by said resource 
server peer group when using said at least one key matches 
an identifier in a set of identifiers associated with said 
resource . 
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5. (Currently Amended) An apparatus for controlling user 
access to distributed resources on a data communications 
network, the apparatus comprising: 

means for receiving , by a resource server peer group, 

a resource request, said resource request including a 

rights key credential, said rights key credential 

comprising : 

at least one key to provide access to a resource 
on said data communications network; and 

a resource identifier, said resource identifier 
comprising a resource server peer group ID and a 
randomized user ID, said resource server peer group 
ID identifying a said resource server peer group, said 
resource server peer group comprising at least one 
server that maintains a mapping between said 
randomized user ID and said at least one key, wherein 
said randomized user ID is associated with an 
identity of a user thereby protecting said identity; 
and 

means for providing access to said resource by said 
resource server peer group when using said at least one 
key matches an identifier in a set of identifiers 
associated with said resource. 
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6. (Currently Amended) An apparatus for controlling user 
access to distributed resources on a data communications 
network, the apparatus comprising: 

means receiving , by a resource server peer group, a 
resource request, said resource request including a rights 
key credential, said rights key credential comprising: 

at least one key, each of said at least one key 
providing access to at least one resource on said 
data communications network, each of said at least 
one resource stored on a separate secure device; and 
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a resource identifier, said resource identifier 
comprising a resource server peer group ID and a 
randomized user ID, said resource server peer group 
ID identifying asaid resource server peer group, said 
resource server peer group comprising at least one 
server that maintains a mapping between said 
randomized user ID and said at least one key, wherein 
said randomized user ID is associated with an 
identity of a user thereby protecting said identity; 
and 

means for providing access to said resource by said 
resource server peer group when using said at least one 
key matches an identifier in a set of identifiers 
associated with said resource . 

7. (New) The method of Claim 1 wherein said rights key 
credential further comprises a nested credential referring to 
at least one credential relating to a resource delivery 
mechanism. 

8 . (New) The method of Claim 8 wherein said providing 
access further comprises using said resource delivery 
mechanism. 

9. (New) The method of Claim 2 wherein said rights key 
credential further comprises a nested credential referring to 
at least one credential relating to a resource delivery 
mechanism. 

10. (New) The method of Claim 9 wherein said providing 
access further comprises using said resource delivery 
mechanism. 
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